LLM Security Log Assistant

Project overview

Built a Python CLI and log-analysis pipeline leveraging LLaMA 3.1 to act as a junior SOC analyst for security events.

• Developed API integrations to pull Cloudflare and Wazuh alerts into a unified JSONL format.
• Designed LLM prompts to classify events, summarize threats, and recommend remediation steps.
• Implemented a modular architecture for adding new data sources and analysis logic.
• Created a CLI workflow to fetch logs, store them, and run automated analysis end-to-end.

What I learned

• How to integrate multiple security data sources into a consistent analysis pipeline.
• How to prompt-engineer LLMs to provide actionable insights, not just summaries.
• The importance of parsing, normalizing, and cleaning log data before model inference.
• How to design CLI tools that are modular, reliable, and maintainable.